enum security_user_level security_session_user_level(struct auth_session_info *session_info) { if (!session_info) { return SECURITY_ANONYMOUS; } if (security_token_is_system(session_info->security_token)) { return SECURITY_SYSTEM; } if (security_token_is_anonymous(session_info->security_token)) { return SECURITY_ANONYMOUS; } if (security_token_has_builtin_administrators(session_info->security_token)) { return SECURITY_ADMINISTRATOR; } if (security_token_has_enterprise_dcs(session_info->security_token)) { return SECURITY_DOMAIN_CONTROLLER; } if (security_token_has_nt_authenticated_users(session_info->security_token)) { return SECURITY_USER; } return SECURITY_ANONYMOUS; }
static enum user_is what_is_user(struct ldb_module *module) { struct auth_session_info *session_info = ldb_get_opaque(module->ldb, "sessionInfo"); if (!session_info) { return ANONYMOUS; } if (security_token_is_system(session_info->security_token)) { return SYSTEM; } if (security_token_is_anonymous(session_info->security_token)) { return ANONYMOUS; } if (security_token_has_builtin_administrators(session_info->security_token)) { return ADMINISTRATOR; } if (security_token_has_nt_authenticated_users(session_info->security_token)) { return USER; } return ANONYMOUS; }
enum security_user_level security_session_user_level(struct auth_session_info *session_info, const struct dom_sid *domain_sid) { if (!session_info) { return SECURITY_ANONYMOUS; } if (security_token_is_system(session_info->security_token)) { return SECURITY_SYSTEM; } if (security_token_is_anonymous(session_info->security_token)) { return SECURITY_ANONYMOUS; } if (security_token_has_builtin_administrators(session_info->security_token)) { return SECURITY_ADMINISTRATOR; } if (domain_sid) { struct dom_sid *rodc_dcs; rodc_dcs = dom_sid_add_rid(session_info, domain_sid, DOMAIN_RID_READONLY_DCS); if (security_token_has_sid(session_info->security_token, rodc_dcs)) { talloc_free(rodc_dcs); return SECURITY_RO_DOMAIN_CONTROLLER; } talloc_free(rodc_dcs); } if (security_token_has_enterprise_dcs(session_info->security_token)) { return SECURITY_DOMAIN_CONTROLLER; } if (security_token_has_nt_authenticated_users(session_info->security_token)) { return SECURITY_USER; } return SECURITY_ANONYMOUS; }